Privilege Escalation: Unauthorized Password Modification in Zoho ManageEngine Desktop Central
CVE-2022-23863 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Zoho ManageEngine Desktop Central before 10.1.2137.10 allows an authenticated user to change any user's login password.
Learn more about our Cis Benchmark Audit For Desktop Software.